<?php

namespace App\Http\Middleware;

use App\Models\User;
use Auth;
use Closure;

class OwnerOnly
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure                 $next
     *
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        /** @var User $user */
        $user = Auth::user();
        if (!$user->hasRole('owner')) {
            return redirect(url('/'))->with('error_msg', '需要 owner 权限');
        }

        return $next($request);
    }
}
